Private key crucial to tracking Conficker creators

Malware still infecting machines.

A private key used to sign encrypted updates for Conficker was crucial missing evidence needed to track the creators of the malware.

The dedicated Conficker Working Group continued to hunt the creators of the malware while the worm was still actively infecting users.

Conficker Working Group member and researcher Jose Nazario said it was difficult to track the Conficker creators because they had abandoned the botnet, leaving researchers with a lack of leads.

“Well, we sort of won in that regard. They had to walk away from it. On the other hand, if they're not interacting with it, there's no more evidence coming in," Nazario told PCAdvisor.

“It feels like a stalemate. It feels like we're kind of in a holding pattern but there's still effort that goes into it.”

The working group was still interacting with sinkhole operators, top-level domain operators and ICANN, while the malware remained on autopilot taking advantage of vulnerable computers and proving to be a long-term nuisance.

All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.Your use of this website
constitutes acceptance of nextmedia's Privacy Policy and
Terms & Conditions.